EXPERTISE

Through our strategic partnerships and expert skills, we help you to optimise your digital transformation. We have a global footprint with a direct presence in 49 countries and, through our partners, we can deliver our services in a further 103 countries.

Featured

SOLUTIONS

Here at NEC New Zealand, we not only have a wide range of areas of expertise, but we’re also able to deliver customised solutions for your business. As a world leader in biometrics, we have a range of solutions that incorporate our world-leading biometrics technologies.

Featured

INDUSTRIES

As an Information and Communications Technology (ICT) leader with almost 120 years of expertise, NEC has leveraged its adaptive solutions to enable individuals, businesses and government agencies to achieve more flexible, secure and responsive work environments.

Featured

NEC will provide a Facial Recognition system for the 2020 Olympic Games. Read case study

PARTNERS

Whether it’s a global partnership with Juniper Networks or a local partnership with communications specialist Tait Communications, NEC has developed strategic partnerships with leaders in the field in order to deliver high-quality, turnkey solutions tailored to your business.

Featured

INNOVATION

AT NEC, we invest heavily in R&D in order to remain at the leading edge of technological advances across our range of areas of expertise. We have also developed a technology vision which guides our research and development to create new value.

Featured

ABOUT NEC

NEC has a dedicated team right here in New Zealand combined with our global expertise and R&D which contribute to delivering expertise across a wide range of areas. Our aim is to maximise your ROI from technology investments.

Featured

NEC Iris Recognition Technology Ranks First in NIST Accuracy Testing. Find out more

5 of the biggest threats to Cyber Security in 2020

As the world currently adjusts to life during the COVID-19 pandemic, there are always people seeking to profit from the situation that is impacting on so many lives.

During the crisis, we have seen a huge uplift in the use of video conferencing technology such as Zoom. As daily users have skyrocketed from 10 million in December to 200 million as we head towards the end of April, security issues have cast a shadow over a product that has been helping much of the world adjust to a new normal during these testing times.

Zoom are not the only ones to feel the pinch at this time. Cyber security threats have heightened during the crisis as cyber criminals look to take advantage of companies that cannot operate as securely as they usually would.

Proofpoint, who specialise in email fraud security, released a report in March outlining the extent to which the coronavirus can drastically change an industry: 80% of the overall threat landscape is using the virus as a theme in their attacks.

Email is just one of several ways in which cyber criminals are targeting individuals and businesses during this time. As we move through Q2 of 2020, we wanted to take a look at some of the cyber threats that you should look out for in 2020, not just those related to the COVID-19 crisis.

The Changing landscape of Cyber Security

Before we get into some of the biggest threats to look out for, we wanted to look at the cyber security landscape as a whole and assess how this has changed.

Disruption — over-reliance on fragile connectivity creates the potential for premeditated internet outages capable of bringing trade to its knees and heightened risk that ransomware will be used to hijack the Internet of Things.

Distortion — the intentional spread of misinformation, including by bots and automated sources, causes trust in the integrity of information to be compromised.

Cyber Security Professionals shortage

In this ever changing landscape, with damage related to cybercrime set to be worth an estimated $6 trillion USD annually by 2021 (Source: Cybersecurity Ventures), the industry is suffering from a lack of cyber security professionals. CNBC reported in March 2019 that a serious shortage of cybersecurity experts could cost companies hundreds of millions of dollars.

According to the report, there were 2.93 million cybersecurity positions open and unfilled around the world.

Without trained security staff, organisations do not have the right controls or processes to detect and prevent cyberattacks.

This lack of trained cyber security professionals creates an issue for cyber security worldwide and contributes to the five biggest threats to cyber security that we have highlighted below.

1. Cloud vulnerability

As enterprises continue to rely more on more on cloud applications for the storage of sensitive data relating to their employees and business operations, the more they rely on the security of cloud-based solutions to keep that data secure.

This creates new problems for cyber security professionals as they are fighting cyber security threats across multiple areas of the business.

Forbes predicts that 83 percent of enterprise workload will be on the cloud by 2020.

These organisations make tempting targets for malicious hackers. Data breach, misconfiguration, insecure interfaces and APIs, account hijacking, malicious insider threats, and DDoS attacks are among the top cloud security threats that will continue to haunt firms failing to invest in a robust cloud security strategy.

2. Sophisticated phishing attacks

Phishing attacks, in which carefully targeted digital messages are transmitted to fool people into clicking on a link that can then install malware or expose sensitive data, are becoming more sophisticated.

Phishing is one of the oldest forms of cyberattack, and as employees and individuals have become more aware of the dangers of email phishing or clicking on suspicious looking links, cyber criminals have had to up the ante.

Machine learning is now being used by cyber criminals to quickly craft and distribute convincing fake messages that can compromise an organisation’s networks and systems.

These types of attack enable hackers to steal user logins, credit card credentials and other types of personal financial information, as well as gain access to private databases.

3. IoT-based attacks

The number of internet-connected “smart” devices in homes and businesses are starting to increase. The problem is that not all these smart devices have strong security installed—creating openings for attackers to hijack these devices to infiltrate business networks.

“Reaper, a malware that exploited vulnerabilities in IoT devices to gain access and spread itself. The end result of these types of attacks is that threat actors can enlist millions of compromised IoT devices to drive largescale attacks, including the distributed denial-of-service (DDoS) attacks that commonly disrupt and take down website, gaming, and other internet services.”

Simply put, an IoT attack is any cyberattack that leverages a victim’s use of internet-connected smart devices (such as Wi-Fi enabled speakers, appliances, alarm clocks, etc.) to sneak malware onto a network. These attacks target IoT devices specifically because they are often overlooked when it comes to applying security patches—making them easier to compromise.

4. Ransomware

Ransomware attacks are believed to cost victims billions of dollars every year, as hackers deploy technologies that enable them to literally kidnap an individual or organisation’s databases and hold all the information for ransom. The rise of cryptocurrencies like Bitcoin is credited with helping to fuel ransomware attacks by allowing ransom demands to be paid anonymously.

As we move into 2020, ransomware attacks are likely to focus more on businesses than individuals. As noted by ITPro Today, “The rate of detections within businesses rose from 2.8 million in the first quarter of 2018 to 9.5 million in the first quarter of 2019. That’s nearly a 340% increase in detections.”

One reason why businesses are being targeted more than private citizens now is that they have more money and motivation to pay ransoms.

Ransomware attacks generally involve the attacker infecting a victim’s systems with a piece of malware that encrypts all their data. The victim is then presented with an ultimatum—either pay the ransom or lose their data forever.

5. Vehicle cyberattacks

As more cars and trucks are connected to the Internet, the threat of vehicle-based cyberattacks rises.

The worry is that cybercriminals will be able to access vehicles to steal personal data, track the location or driving history of these vehicles, or even disable or take over safety functions.

While the driverless car is close, but not yet here, the connected car is. A connected car utilises onboard sensors to optimise its own operation and the comfort of passengers. This is typically done through embedded, tethered or smartphone integration. As technology evolves, the connected car is becoming more and more prevalent; by 2020, an estimated 90 percent of new cars will be connected to the internet, according to a report titled “7 Connected Car Trends Fuelling the Future”.

The Verge reported one of the most high-profile IoT security breaches back in 2016. A pair of hackers compromised the Jeep Cherokee, taking complete control of the steering, braking and transmission. This was done as a testing experiment, but it highlighted the flaws with internet connected devices and IoT security threats.

Summary

COVID-19 has heightened the threats posed by cyber criminals, however even before the global pandemic took control, many of these threats listed above, plus many more were already posing a threat to individual and businesses throughout the world. Some of these other threats include:

Third party vendors, contractors, and partners

Smart medical devices

IoT attacks

State sponsored attacks

Cyber physical attacks

Election security

Disinformation in social media

AI threats

Deep fakes

Data privacy

We find ourselves in challenging times where the threat posed by cyber criminals is greater than ever. As we extend our networks and provide access to information from anywhere it is important to ensure that your own security is as tight as possible. If you want to talk about cyber security solutions for your business, get in touch with one of the team today and keep your business and employees safe from cybercrime.